From: Digest <deadmail>
To: "OS/2GenAu Digest"<deadmail>
Date: Mon, 5 Sep 2005 00:02:58 EST-10EDT,10,-1,0,7200,3,-1,0,7200,3600
Subject: [os2genau_digest] No. 1181
Reply-To: <deadmail>
X-List-Unsubscribe: www.os2site.com/list/

**************************************************
Sunday 04 September 2005
 Number  1181
**************************************************

Subjects for today
 
1  Re:  ADSL Router : Mike O'Connor" <mikeoc at internode.on dot net>
2  Re:  ADSL Router : Peter Rehfisch" <gillpete at vic.australis dot com dot au>
3  Re:  ADSL Router : Mike O'Connor" <mikeoc at internode.on dot net>
4  Re:  ADSL Router : Peter Rehfisch" <gillpete at vic.australis dot com dot au>
5  Re:  ADSL Router : Mike O'Connor" <mikeoc at internode.on dot net>
6  Re:  ADSL Router : Peter Rehfisch" <gillpete at vic.australis dot com dot au>
7  Re:  ADSL Router : Ian Manners" <deadmail>
8  Re:  ADSL Router : Ian Manners" <deadmail>
9  Re:  ADSL Router : Ian Manners" <deadmail>
10  Re:  ADSL Router : Ian Manners" <deadmail>

**= Email   1 ==========================**

Date:  Sun, 04 Sep 2005 01:07:09 +1000
From:  "Mike O'Connor" <mikeoc at internode.on dot net>
Subject:  Re:  ADSL Router

Peter Rehfisch wrote:

>Do you use a firewall on the computers attached to the router? Wouldn't this make P2P more 
>difficult?
>  
>
Hi Peter,

I have my Internode 1.5M/256K ADSL [PPPoA selected - could use PPPoE 
instead, but PPPoA recommended as better] set up so that the ADSL line 
goes directly to a Linksys AG041 Gateway [4-port 10/100mbps Router/SPI 
Firewall etc.], with just one of the ports wired directly to a XNet 
8-port 10/100 switch. the other 4-5-6 systems all are connected directly 
to the switch only and I'm only running TCP/IP and regular Netbuei [IBM 
Netbios], so every system has direct internet access independent of any 
other system - E-Mail on one, News on another, Browsers on a couple etc, 
with nothing exposed externally.  I haven't used IBM's "P2P" {Network 
Person[s] to Person[s] application - Whiteboarding/Video etc., between 
OS/2 systems} since about 1994 when it came out with Warp 3 Connect as 
part of the first BonusPak, so I assume you're  referring  to the 
misnomer for "Peer" networking!

It's great - after having only had dial-up access on a poor quality PSTN 
line for years prior to getting ISDN 64Kb access for the past couple of 
years immediately before longer-run [> 3.5KM] ADSL was implemented by 
Teletra. Internode are extending their 12Mbps ADSL2, now upped to 
24Mbpfs ADSL2+ throughout Metro areas outside of Adelaide and parts of 
Melbourne, at prices that are very good -- 12M/1M is the same price 
where available as regular 1.5M/256K/5GB-month at full speed etc for 
$59.95 - I love it :-)

-- 
Regards,
Mike

Failed the exam for
--------------------
MCSE - Minesweeper Consultant and Solitaire Expert
--------------------
[Please ZIP any attachments, other than GIF/JPG or plain-text]

----------------------------------------------------------------------------------
 

**= Email   2 ==========================**

Date:  Sun, 04 Sep 2005 10:16:25 +1100
From:  "Peter Rehfisch" <gillpete at vic.australis dot com dot au>
Subject:  Re:  ADSL Router

So how do I know if the router is set up securely enough not to need a software firewall on 
the computers. I tried ShieldsUp at www.grc dot com and it passed. Is this enough?
----------------------------------------------------------------------------------
 

**= Email   3 ==========================**

Date:  Sun, 04 Sep 2005 11:20:17 +1000
From:  "Mike O'Connor" <mikeoc at internode.on dot net>
Subject:  Re:  ADSL Router

Peter Rehfisch wrote:

>So how do I know if the router is set up securely enough not to need a software firewall on 
>the computers. I tried ShieldsUp at www.grc dot com and it passed. Is this enough?
>  
>
Hi Peter,
Did you get a perfect "Stealth" on the 1056[?] ports that GRC tests -- 
no responses to any of the ports probed?
That's what I get here - omitted to mention that NAT is also enabled of 
course in the AG041 that I have. I have no software firewall at all here 
and have had no problems with at least a couple of my systems on ~24 x 7 
[~150 days plus since ADSL connected].

-- 
Regards,
Mike

Failed the exam for
--------------------
MCSE - Minesweeper Consultant and Solitaire Expert
--------------------
[Please ZIP any attachments, other than GIF/JPG or plain-text]
----------------------------------------------------------------------------------
 

**= Email   4 ==========================**

Date:  Sun, 04 Sep 2005 12:45:57 +1100
From:  "Peter Rehfisch" <gillpete at vic.australis dot com dot au>
Subject:  Re:  ADSL Router

Mike O'Connor wrote-

>Did you get a perfect "Stealth" on the 1056[?] ports that GRC tests -- 

Yes- is that enough to mean I don't need the Injoy Firewall?
----------------------------------------------------------------------------------
 

**= Email   5 ==========================**

Date:  Sun, 04 Sep 2005 13:47:49 +1000
From:  "Mike O'Connor" <mikeoc at internode.on dot net>
Subject:  Re:  ADSL Router

Peter Rehfisch wrote:

>Mike O'Connor wrote-
>
>>Did you get a perfect "Stealth" on the 1056[?] ports that GRC tests -- 
>>    
>>
>Yes- is that enough to mean I don't need the Injoy Firewall?
>  
>
Hi Peter,

That has been my personal experience, but as they say YMMV - but I feel 
quite safe with the SPI-level hardware Firewall and NAT, although as yet 
on my 1999 VAIO Notebook, {finally with OS/2 on it in addition to 
original [Sony OEM Version with AFAICS all of the Sony-specific SE 
features (Firewire etc.) before they were released]W98, following a HDD 
upgrade from 6.4 to 30GB}, on which Internet Exploder/!Look-OUT! have 
_never_ been used, {I used NS 4.73 and 6.0 under OS/2 InJoy (Dialler 
only - not the FW)} running on another LAN system with NAT enabled -- on 
either Warp/MCP or eCS 1.x, I haven't been in any hurry to do so as I've 
had more pressing hardware stuff to sort out on our favourite OS - dying 
HDUs etc.

All the best!

-- 
Regards,
Mike

Failed the exam for
--------------------
MCSE - Minesweeper Consultant and Solitaire Expert
--------------------
[Please ZIP any attachments, other than GIF/JPG or plain-text]

----------------------------------------------------------------------------------
 

**= Email   6 ==========================**

Date:  Sun, 04 Sep 2005 21:50:54 +1100
From:  "Peter Rehfisch" <gillpete at vic.australis dot com dot au>
Subject:  Re:  ADSL Router

So....

I can access Internet through each computer now connected to the router, and they can ping 
each other, but not see each other on the network. I have TCPIP and netbios on each NIC.
Do I need TCPIP settings for routing? Host names? 

Any suggestions?

----------------------------------------------------------------------------------
 

**= Email   7 ==========================**

Date:  Sun, 04 Sep 2005 23:05:00 +1000 (EST)
From:  "Ian Manners" <deadmail>
Subject:  Re:  ADSL Router

Hi Peter

> I have a Netcomm 1300  4 port router for my ADSL connection. This allows 2 computers to each 
> access the Internet.
> Can I use the router to connect the 2 computers Peer-to-Peer?

Yes, you can use the NB1300 4 port to connect 2-4 computers using Peer
Networking, it is simply a hub that has been included with the standard
Netcomm ADSL Modem/Router all as one package. It will happily work
with TCP/IP as well as other protocols such as NETBEUI, either as a
straight protocol, or over TCP.

You would simply setup your peer network as per normal, ensuring that
each computer has a different Peer Computername but all on the same
Peer Domain (called workgroup under windows).

Be mindful that you do need to install IBM's Peer Lan software, this is
not normally installed by default. I'd have to dig around to find out
were it lives on the OS/2 CD, some earlier (no idea if it still is or not)
OS/2 Lan software installs use to put the peer install files in x:\ibmlan\install

You can find information in NETBEUI over TCP/IP, or just straight NETBEUI
in the mailing list archives at http://www.os2site.com/list/digest/ also try the
http://www.os2voice dot org/ newsletter archives.

Cheers
Ian Manners
http://www.os2site dot com/

A 100% right of return both ways.
----------------------------------------------------------------------------------
 

**= Email   8 ==========================**

Date:  Sun, 04 Sep 2005 23:13:53 +1000 (EST)
From:  "Ian Manners" <deadmail>
Subject:  Re:  ADSL Router

Hi Peter

> So how do I know if the router is set up securely enough not to need a software firewall on 
> the computers. I tried ShieldsUp at www.grc dot com and it passed. Is this enough?

If your not using external 'Peer to Peer' internet software or other programs that
need access to non standard ports when replying to an internally generated TCP
request, then just having NAT (Network Address Translation) should be all
that you need. In fact Netcomm do have a basic firewall ontop of the NAT in
the NB1300 which will also allow you to open one or more ports anyway.

Injoy firewall's main use is for people that want to log data flow, as well as have
select ports open to allow external uses access to your internal resources.
It also depends on your level of parania :-)

On the other hand, if one of your computers is Windows, I would use a firewall
to ensure that all windows generated packets apart from what are really
required to exit your network, are stopped at your network border.

If GRC reports that you are in Stealth mode, with no open ports then all
is generally well.

This could quite easily turn in to a rather lengthy topic to.

Cheers
Ian Manners
http://www.os2site dot com/

PACT ShutDown, Get outta Windows the way you want: reformat the hard disk and install OS2!!
----------------------------------------------------------------------------------
 

**= Email   9 ==========================**

Date:  Sun, 04 Sep 2005 23:21:36 +1000 (EST)
From:  "Ian Manners" <deadmail>
Subject:  Re:  ADSL Router

Re what Kris Steenhaut wrote:

> If you are using adsl with a dynamic IP address, a firewall isn't much 
> of a use anyway.

Correct, all you need is NAT unless you are hosting a website or other server that is.

> So, no, I don't use the inbuild router's firewall, coz it would be 
> senseless.

Only if you need port(s) open to the outside world. It can come in handy though to
log data if you are curious put thats something for you.

If your running pure OS/2 with no server software running, then your very much
safe anyway, even without NAT but NAT gives you a nice fuzzy feeling of
security, and it doesnt hurt to be sure.

Cheers
Ian Manners
http://www.os2site dot com/

Bus error: passengers dumped
----------------------------------------------------------------------------------
 

**= Email   10 ==========================**

Date:  Sun, 04 Sep 2005 23:22:09 +1000 (EST)
From:  "Ian Manners" <deadmail>
Subject:  Re:  ADSL Router

Hi Peter

> Do you use a firewall on the computers attached to the router? Wouldn't this make P2P more 
> difficult?

Working on what Mike said, if your talking about any data moving on your internal
network, the NB1300 NAT. and/or firewall have no say in relation to that data, both
NAT and the Firewall only act on data coming in, and going out, on your routers
"external" interface, ie, the telephone line side of the netwrok in this case.

If you are using IBM's LAN Peer networking inside your network, that will
work fine, if you are in fact talking about Internet Peer to Peer software, than
you may need to open ports on your firewall, this also depends on the PP
software used. This is a generalisation, there are always exceptions.

Cheers
Ian Manners
http://www.os2site dot com/

"My mom said she learned how to swim.  Someone took her out in the lake and threw her off the boat.  That's how she learned how to swim.  I said, 'Mom, they weren't trying to teach you how to swim.' " --Paula Poundstone
----------------------------------------------------------------------------------
 

